CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-5632
https://notcve.org/view.php?id=CVE-2017-5632
An issue was discovered on the ASUS RT-N56U Wireless Router with Firmware 3.0.0.4.374_979. When executing an "nmap -O" command that specifies an IP address of an affected device, one can crash the device's WAN connection, causing disconnection from the Internet, a Denial of Service (DoS). The attack is only possible from within the local area network. Se ha descubierto un problema en el router wireless ASUS RT-N56U con Firmware 3.0.0.4.374_979. Al ejecutar un comando "nmap -O" que especifica una dirección IP de un dispositivo infectado, se puede derribar la conexión WAN del dispositivo WAN, causando una desconexión de internet, una denegación de servicio (DoS). • http://www.securityfocus.com/bid/95857 https://www.asus.com/Static_WebPage/ASUS-Product-Security-Advisory •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2015-7790
https://notcve.org/view.php?id=CVE-2015-7790
Cross-site scripting (XSS) vulnerability on ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en dispositivos ASUS Japan WL-330NUL con firmware anterior a 3.0.0.42 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://jvn.jp/en/jp/JVN89965717/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000195 http://www.asus.com/jp/News/FX04LE8HN0qBoqFI • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-7788
https://notcve.org/view.php?id=CVE-2015-7788
ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to execute arbitrary commands via unspecified vectors. Dispositivos ASUS Japan WL-330NUL con firmware anterior a 3.0.0.42 permiten a atacantes remotos ejecutar comandos arbitrarios a través de vectores no especificados. • http://jvn.jp/en/jp/JVN34489380/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000193 http://www.asus.com/jp/News/FX04LE8HN0qBoqFI • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-7789
https://notcve.org/view.php?id=CVE-2015-7789
ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to cause a denial of service via unspecified vectors. Dispositivos ASUS Japan WL-330NUL con firmware anterior a 3.0.0.42 permiten a atacantes remotos provocar una denegación de servicio a través de vectores no especificados. • http://jvn.jp/en/jp/JVN85359294/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000194 http://www.asus.com/jp/News/FX04LE8HN0qBoqFI • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-7787
https://notcve.org/view.php?id=CVE-2015-7787
ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to discover the WPA2-PSK passphrase via unspecified vectors. Dispositivos ASUS Japan WL-330NUL con firmware anterior a 3.0.0.42 permiten a atacantes remotos descubrir la frase de contraseña WPA2-PSK a través de vectores no especificados. • http://jvn.jp/en/jp/JVN69462495/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000192 http://www.asus.com/jp/News/FX04LE8HN0qBoqFI • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •